We compared Cortex XDR by Palo Alto Networks and Darktrace based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, Cortex XDR by Palo Alto Networks seems to be the superior solution. Our reviewers feel that because Darktrace is lacking where security is concerned, Cortex XDR is a better investment.
"The product's initial setup phase is very easy."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The price is low and quite competitive with others."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The most valuable feature is the analysis, because of the beta structure."
"Has great threat detection capabilities."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"The product has an intuitive dashboard."
"The initial setup isn't too bad."
"The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"The product offers us a very good user interface and we've found the network visibility to be very good so far."
"The only minor concern is occasional interference with desired programs."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"FortiEDR can be improved by providing more detailed reporting."
"I haven't seen the use of AI in the solution."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We find the solution to be a bit expensive."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"In general, the price could be more competitive."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"Getting logs from different sources can be a challenge."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"A reporting portal could be a great addition to help customize reports."
"This is quite an expensive product so the pricing is something that can be improved."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"The pricing model is a little too high and could be more flexible."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"I would like to see some additional enhancements."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Darktrace is ranked 13th in Email Security with 65 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Darktrace is rated 8.2. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Symantec Endpoint Security, Trend Micro Apex One and SentinelOne Singularity Complete, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.